CVE-2022-43425 in Checkbox Parameter Plugin
Zusammenfassung
von MITRE • 19.10.2022
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.